Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

Amjad Khan Mohammed

Riyadh

Summary

Dynamic IT Security Engineer with a proven track record at Leejam Sports Company, excelling in endpoint and network security. Expert in threat detection and response, I successfully managed over 3,000 devices, enhancing data loss prevention strategies. Adept at vulnerability management and fostering collaboration, I drive impactful security solutions that protect organizational assets.

Overview

13
13
years of professional experience
1
1
Certification

Work History

IT Security Engineer

Leejam Sports Company
Riyadh
07.2023 - Current
  • Managed over 3,000 Leejam endpoint devices using FortiClient EMS Cloud, ensuring robust endpoint security and seamless operations across all branches.
  • Developed and deployed comprehensive FortiClient installation packages and detailed security profiles, including malware protection, vulnerability scanning, application firewall, and sandboxing.
  • Network Detection and Response (NDR): Led the implementation of NDR solutions, leveraging real-time network traffic analysis to detect anomalies, identify malicious activities, and enhance incident response capabilities.
  • Data Loss Prevention (DLP): Deployed and configured DLP systems to prevent unauthorized data transfer, ensuring compliance with regulatory requirements.
  • Collaborate with cross-functional teams to integrate DLP with network devices, firewalls (Fortinet), email gateways, and endpoint protection tools, enhancing data visibility and control.
  • Investigate and resolve DLP incidents, perform root cause analysis (RCA), and fine-tune detection rules to minimize false positives and ensure regulatory compliance (PCI-DSS, ISO 27001).
  • Develop and maintain DLP documentation, workflows, and response playbooks while training IT staff on secure data handling and DLP best practices.
  • Generate detailed reports for audit, compliance, and executive review, highlighting trends, potential risks, and actionable mitigation strategies.
  • Formulated and enforced endpoint policies, such as the 'BLOCK USB' policy, with exceptions for POS systems, and provided training to branch IT staff.
  • Integrated and managed log generation with FortiAnalyzer, ensuring thorough review and monitoring of security logs for proactive threat management.
  • Monitored and protected all Leejam employee emails from threats and viruses, overseeing inbound and outbound email traffic and configuring sender authentication policies (SPF, DKIM).
  • Implemented and managed GEO IP location restrictions, sender spoof protection, anti-spam, and anti-virus policies to enhance email security.
  • Created and deployed recipient policies based on trusted domains and managed incident response and impersonation protection.
  • Managed and protected Leejam-associated websites (Leejam.com.sa and fitnesstime.com.sa) using Cloudflare Web Application Firewall (WAF) and implemented DDoS protection strategies.
  • Configured and maintained DNS records and SSL certificates for Leejam domains, ensuring secure and reliable web presence.
  • Monitored web events using RayID, ensuring continuous protection and performance optimization of Leejam web assets.
  • Spearheaded the detection and response efforts within the Security Operations Center (SOC), conducting thorough analysis of security incidents and coordinating with cross-functional teams.
  • Oversaw connectivity for 215+ branches using Fortinet SD-WAN technology, ensuring seamless network operations and optimized performance.
  • Designed and implemented the OpManager monitoring tool at Leejam Sports Company, enhancing operational efficiency and network performance.
  • Sourced and implemented new security solutions, managed vulnerability assessments, and maintained comprehensive documentation of network configurations, policies, and security measures.

Network Security Engineer

Nour Communications
Riyadh
04.2020 - 07.2023
  • Working knowledge of Firewalls like FortiGate, PaloAlto, Cisco ASA.
  • Identify and troubleshoot issues with remotely managed networks.
  • Installed, Configured, maintained and upgraded enterprise network infrastructure that includes Cisco Switches, Cisco Routers.
  • Creating objects, address and Address Groups.
  • Creating Access-lists Polices between Different Zones (permit ot deny).
  • Configuring Cisco switches C2960X, C3850, Nexus 2248 and Nexus 9372.
  • Hands on experience on routers ISR4321/K9 and ASR 9001.
  • Managing and troubleshooting WAN protocol like iBGP in IGP on Nexus 9K switches and EBGP in BGP on ASR 9001 routers.
  • Troubleshoot with ISPs like STC, Mobily, Salam and GO telecom if EBGP goes down until it is fixed.
  • Configuring Layer 2 security (BPDU Guard, Root Guard & spanning-tree Port fast).
  • Dealt with the escalation problems from Level1, Level 2 & Level 3 for routing, switching and WAN connectivity issues using ticketing system Remedy.
  • Involved in Troubleshoot and monitoring network traffic through Manage Engine Opmanager and Net flow.
  • Work within a ticketing tool Manage Engine Service Desk Plus and work order system.
  • Installation, re-configuration, maintenance and troubleshooting of hardware upgrade, software upgrade and integration of core network elements.
  • Work and troubleshoot with Internet Service Providers (ISP) to turn up WAN circuits.
  • Resolve network related issues to meet SLA requirements and escalate if necessary.
  • Demonstrate an understanding of effective network troubleshooting skills and the ability to use them.

Network & Wireless Engineer

Al-Yamama Company
Riyadh
11.2014 - 03.2020
  • Company Overview: Project - Princess Noura University
  • Configuring, installing and troubleshooting network devices and services including routers, firewalls, network access restrictions & wireless network.
  • Maintained network and systems by managing product and capability roadmaps, establishing maintenance procedures, and working with systems administrators and other engineers to perform regular network maintenance.
  • Supporting and monitoring the existing infrastructure, supervising preventative maintenance and backup as well as performing other regular support activities to ensure effectiveness.
  • Designing and implementing networks, troubleshooting DNS, DHCP and monitoring connectivity issues.
  • Leading the development of business continuity plans, identifying SLA misses for incidents, implementing disaster recovery infrastructure & taking relevant actions.
  • Providing thought leadership in network development and support practices; identifying training needs and organizing training programs.
  • Monitoring network performance, identifying & mitigating bottlenecks by implementing rectifications initiatives.
  • Ensured that IT systems, applications, and communication equipment within the organization were managed and maintained in accordance with documented processes, procedures, guidelines, and instructions.
  • Implemented the roll out, designing, configuring Cisco wireless access point 1100 series, 1200 series and 2600 series.
  • Predictive Planning Report Generation using Air Magnet Tool by Fluke Networks for ensuring 100% coverage, Provided suggestion related to feasible locations for the Access point through site surveys.
  • Integrated Cisco Wireless controller system (WCS) from Data Centre with the Cisco access points through BDF & IDF switches. Mapping & Calibration of Wireless Access point coverage using WCS. Active Survey through Air magnet Tool. Ensured proper coverage of wireless network dependency for cisco IP Telephone 7920 & Ekahau Real Time Locating System.
  • Project - Princess Noura University

Network Engineer

Wipro Arabia LTD.
Eastern Province
10.2012 - 06.2013
  • Company Overview: Project - Landmark Group
  • Worked as a Network Engineer for Land Mark Groups at Bandar Trading, Khobar, Dammam. Major role in this Organization as Network Engineer, I was responsible for Implementing, Configuring and Troubleshooting the Routers and Switches for all the Stores which belong to Landmark Groups in the entire Eastern region of K.S.A.
  • Project - Landmark Group

Education

Bachelor of Technology - CSE

Jawaharlal Nehru and Technological University
Hyderabad, India
01.2008

Skills

  • Endpoint and network security
  • Threat detection and response
  • Data loss prevention strategies
  • Vulnerability management

Certification

  • Cisco (CCNA/CCNP Routing and Switching)
  • PaloAlto
  • Fortinet
  • Certified Ethical Hacker (CEH)

Timeline

IT Security Engineer

Leejam Sports Company
07.2023 - Current

Network Security Engineer

Nour Communications
04.2020 - 07.2023

Network & Wireless Engineer

Al-Yamama Company
11.2014 - 03.2020

Network Engineer

Wipro Arabia LTD.
10.2012 - 06.2013

Bachelor of Technology - CSE

Jawaharlal Nehru and Technological University

Similar Profiles

CREATE PROFILE
Amjad Khan Mohammed